General
- Target: 74ff743720861d8df6ef4c544a5e9fde
- Size: 78KB
- Sample: 240125-t76jjaahd7
- MD5: 74ff743720861d8df6ef4c544a5e9fde
- SHA1: 7f16a341dd213a72a17b4a3c98687da2490b7845
- SHA256: fd7528d99301b85f7bba5d0a6e3a72afa7924123bec10cb91cf8dccb22c7603c
- SHA512: b100dc560df2cac9df04e67e31777e270c02a6a1d060a315e805d4ff594e50f4762dfde30656502a496488a21a22f33ed389ae65d9cd9bae3dbfcec516bff092
- SSDEEP: 1536:mQwfwimgTY23tG90wIsWfHlWKSd+QSqWU5FMQCoFuJlmSKV/I0JZXdLxoSg5Kgm2:mnoimg13tG90HdQ3Sqt2oFUU5/IOBdLW
Static task: static1
Behavioral task: behavioral1
Sample: GOLAYA-TOPLESS.exe
Resource: win7-20231215-en
Malware Config
Targets
- Target: GOLAYA-TOPLESS.exe
- Size: 180KB
- MD5: 55e47874ef9912a4309c4c90af7b67f8
- SHA1: bda07533ed744d3c78ee34ab416d883504212e3e
- SHA256: c3199ed5f9a3d4e51e4ff8287875a04a91602e348dcef11c403e90d96eea59f7
- SHA512: d01550350e18c0507e8f45e1a970cfd6bfa910c2a334fe65ffc26f7347e9b967906a950bd6918fa2c19aebfdf087f2f82bf3a47e96af1ef903697d3672edad36
- SSDEEP: 3072:TBAp5XhKpN4eOyVTGfhEClj8jTk+0h6ejmo:+bXE9OiTGfhEClq9dejD
- Blocklisted process makes network request
- Drops file in Drivers directory
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.